Efficient Hierarchical Identity-Based Encryption System for Internet of Things Infrastructure

Security is a main concern for the Internet of Things (IoT) infrastructure as large volumes of data are collected and processed in the systems. Due to the limited resources of interconnected sensors and devices in the IoT systems, efficiency is one of the key considerations when deploying security solutions (e.g., symmetric/asymmetric encryption, authentication, etc.) in IoT. In this paper, we present an efficient Hierarchical Identity-Based Encryption (HIBE) system with short parameters for protecting data confidentiality in distributed IoT infrastructure. Our proposed HIBE system has the public parameters, private key, and ciphertext, each consisting of a constant number of group elements. We prove the full security of the HIBE system in the standard model using the dual system encryption technique. We also implement the proposed scheme and compare the performance with the original Lewko–Waters HIBE. To the best of our knowledge, our construction is the first HIBE system that achieves both full security in the standard model and short parameters in terms of the public parameters, private key, and ciphertext.

Download Full-text

Cryptanalysis of a Compact Anonymous HIBE with Constant Size Private Keys

The Computer Journal ◽

10.1093/comjnl/bxy130 ◽

2018 ◽

Vol 62 (8) ◽

pp. 1087-1091

Author(s):

Xi-Jun Lin ◽

Lin Sun ◽

Haipeng Qu ◽

He-Qun Xian

Keyword(s):

Standard Model ◽

Prime Order ◽

Private Key ◽

Identity Based Encryption ◽

Constant Size ◽

The Standard Model ◽

Identity Based

AbstractRecently, Zhang et al. proposed a new anonymous hierarchical identity-based encryption (anonymous HIBE) over prime order groups to achieve both constant size private key and constant size ciphertext. Moreover, a double exponent technique was used to provide anonymity. They proved that their scheme is secure and anonymous against chosen plaintext attacks in the standard model. In this paper, we point out that their scheme is insecure.

Download Full-text

Cocks’ Identity-Based Encryption in the Standard Model, via Obfuscation Techniques (Short Paper)

Advances in Information and Computer Security - Lecture Notes in Computer Science ◽

10.1007/978-3-030-26834-3_16 ◽

2019 ◽

pp. 273-283

Author(s):

Xin Wang ◽

Shimin Li ◽

Rui Xue

Keyword(s):

Standard Model ◽

Short Paper ◽

Identity Based Encryption ◽

The Standard Model ◽

Identity Based

Download Full-text

Attribute-Based Authentication Protocol of the Internet of Things

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.765-767.1726 ◽

2013 ◽

Vol 765-767 ◽

pp. 1726-1729

Author(s):

Yan Bing Liu ◽

Wen Jing Ren

Keyword(s):

Internet Of Things ◽

Authentication Protocol ◽

Security And Privacy ◽

The Internet ◽

Security Level ◽

The Public ◽

The Core ◽

Attribute Based Encryption ◽

Identity Based ◽

The Internet Of Things

Security and privacy is always the most important issues by the public in the Internet of Things. The core problems are associated with the diversifying of the Internet towards an Internet of things, and the different requirements to the security level for application. Therefore, this paper is to put forward an authentication model and protocol to cope with the problem. The protocol is adopted with attribute-based encryption to replace the traditional identity-based encryption (IBE), and then make formalization analysis to the security of the protocol by using BAN logic.

Download Full-text

k-Resilient Identity-Based Encryption in the Standard Model

Topics in Cryptology – CT-RSA 2004 - Lecture Notes in Computer Science ◽

10.1007/978-3-540-24660-2_6 ◽

2004 ◽

pp. 67-80 ◽

Cited By ~ 20

Author(s):

Swee-Huay Heng ◽

Kaoru Kurosawa

Keyword(s):

Standard Model ◽

Identity Based Encryption ◽

The Standard Model ◽

Identity Based

Download Full-text

Leakage-Resilient Hierarchical Identity-Based Encryption with Recipient Anonymity

International Journal of Foundations of Computer Science ◽

10.1142/s0129054119400197 ◽

2019 ◽

Vol 30 (04) ◽

pp. 665-681

Author(s):

Yinghui Zhang ◽

Menglei Yang ◽

Dong Zheng ◽

Tiantian Zhang ◽

Rui Guo ◽

...

Keyword(s):

Data Security ◽

Secret Key ◽

Leakage Resilience ◽

Identity Based Encryption ◽

Cryptographic Primitive ◽

Dual System Encryption ◽

The Standard Model ◽

Leakage Resilient ◽

Key Leakage ◽

Identity Based

As a promising public key cryptographic primitive, hierarchical identity-based encryption (HIBE) introduces key delegation mechanisms into identity-based encryption. However, key leakage and recipient anonymity issues have not been adequately addressed in HIBE. Hence, direct applications of traditional HIBE schemes will violate data security and abuse users’ privacy in practice. In this paper, we propose an anonymous unbounded hierarchical identity-based encryption scheme, which achieves bounded leakage resilience and the hierarchy depth is not limited. Our security proofs based on the dual system encryption technique show that the proposed scheme is capable of resisting key leakage and it realizes recipient anonymity in the standard model. In addition, leakage resilience analysis indicates that our scheme allows the leakage rate of approximate 1/3 no matter the hierarchy depth of identities. Finally, performance comparisons show the practicability of our scheme. In particular, the secret key of our construction is of a fixed-length.

Download Full-text

New Fuzzy Identity-Based Encryption in the Standard Model

Informatica ◽

10.15388/informatica.2010.296 ◽

2010 ◽

Vol 21 (3) ◽

pp. 393-407 ◽

Cited By ~ 3

Author(s):

Yanli Ren ◽

Dawu Gu ◽

Shuozhong Wang ◽

Xinpeng Zhang

Keyword(s):

Standard Model ◽

Identity Based Encryption ◽

The Standard Model ◽

Identity Based ◽

Fuzzy Identity

Download Full-text

Toward efficient authentication for space-air-ground integrated Internet of things

International Journal of Distributed Sensor Networks ◽

10.1177/1550147719860390 ◽

2019 ◽

Vol 15 (7) ◽

pp. 155014771986039 ◽

Cited By ~ 6

Author(s):

Baokang Zhao ◽

Puguang Liu ◽

Xiaofeng Wang ◽

Ilsun You

Keyword(s):

Internet Of Things ◽

Mutual Authentication ◽

Security Threats ◽

Identity Based Encryption ◽

Encryption Schemes ◽

Verification Time ◽

Speed Up ◽

Global Coverage ◽

Identity Based ◽

The Internet Of Things

Space-air-ground integrated Internet of things can improve the scope of Internet of things applications significantly by offering truly global coverage all over the world. While space-air-ground integrated Internet of things is promising to be very useful in many aspects, its deployment and application should overcome severe security threats, for example, interceptions, identity forgery, data tampering, and so on. Authentication is an essential step to protect the Internet of things security, and mutual authentication (i.e. two-way authentication) is especially important to ensure the security of both communication parties simultaneously. However, the intrinsical properties of network dynamics and wide coverage make the authentication concern in space-air-ground integrated Internet of things extremely challenging than traditional Internet of things networks. In this article, we propose MASIT, an identity-based efficient and lightweight mutual authentication scheme for space-air-ground integrated Internet of things. MASIT exploits the natural broadcast property of space-air-ground integrated Internet of things to speed up authentication process, and leverage the distinguished feature of IPv6 to support concurrent numerous nodes. Theoretically, we prove that MASIT is existential unforgeable secure under adaptively chosen message and identity Attacks. We also implement MASIT and other existing typical identity-based encryption schemes and evaluate their performance in real platforms. Experimental results showed that, MASIT outperforms the existing identity-based encryption schemes significantly, that is, the signature verification time can be reduced by 50% to 60%, and the user signature size can be reduced by 13% to 50%.

Download Full-text

SECURITY ANALYSIS OF A FUZZY IDENTITY-BASED ENCRYPTION SCHEME

Journal of Circuits System and Computers ◽

10.1142/s0218126614500339 ◽

2014 ◽

Vol 23 (03) ◽

pp. 1450033 ◽

Cited By ~ 2

Author(s):

MIAOMIAO TIAN ◽

LIUSHENG HUANG ◽

WEI YANG

Keyword(s):

Security Analysis ◽

Error Tolerance ◽

Encryption Scheme ◽

Security Model ◽

Private Key ◽

Identity Based Encryption ◽

The Standard Model ◽

Real World Applications ◽

Identity Based ◽

Fuzzy Identity

Fuzzy identity-based encryption (FIBE) scheme is a kind of identity-based encryption (IBE) scheme, in which any user's identity is composed by a set of attributes and any ciphertext encrypted under identity ID can be decrypted by using a private key corresponding to identity ID′ if ID′ is close to ID as measured by some metric. Due to the error-tolerance property, FIBE scheme is very useful in real-world applications. However, most FIBE schemes are provable secure only in a weaker security model. In order to eliminate this problem, Ren et al. recently proposed a new FIBE scheme and proved that it is fully chosen-ciphertext secure in the standard model. Unfortunately, in this paper, we will show that their FIBE scheme is even not chosen-plaintext secure.

Download Full-text

Security of Identity-Based Encryption Algorithms

Encyclopedia of Information Science and Technology, Fourth Edition ◽

10.4018/978-1-5225-2255-3.ch431 ◽

2018 ◽

pp. 4975-4984

Author(s):

Kannan Balasubramanian ◽

M. Rajakani

Keyword(s):

Key Management ◽

Public Key ◽

The Public ◽

Private Key ◽

Identity Based Encryption ◽

Public Keys ◽

Identity Based ◽

Encryption Algorithms ◽

Encrypted Communication ◽

E Mail

The concept of Identity Based Cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP Addresses to form public keys with the corresponding private keys being created by the Trusted Authority(TA) who is in possession of a system-wide master secret. Then a party, Alice who wants to send encrypted communication to Bob need only Bob's identifier and the system-wide public parameters. Thus the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the system-wide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Download Full-text

Security of Identity-Based Encryption Algorithms

Advanced Methodologies and Technologies in System Security, Information Privacy, and Forensics - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-7492-7.ch025 ◽

2019 ◽

pp. 312-325

Author(s):

Kannan Balasubramanian ◽

M. Rajakani

Keyword(s):

Key Management ◽

Public Key ◽

The Public ◽

Private Key ◽

Identity Based Encryption ◽

Public Keys ◽

Identity Based ◽

Encryption Algorithms ◽

Encrypted Communication ◽

E Mail

The concept of identity-based cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP addresses to form public keys with the corresponding private keys being created by the trusted authority (TA) who is in possession of a systemwide master secret. Then a party, Alice, who wants to send encrypted communication to Bob need only Bob's identifier and the systemwide public parameters. Thus, the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the systemwide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Download Full-text